package com.chuck.config;

import com.chuck.shiro.UserRealm;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import org.apache.shiro.mgt.SecurityManager;

import java.util.LinkedHashMap;
import java.util.Map;


/**
 * shiro配置
 */
@Configuration
public class ShiroConfig {

    /*应用程序启动时，标有Bean注解的方法就会被自动调用*/
    @Bean
    public SessionManager sessionManager() {

        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();

        //设置session的过期时间为1小时，默认的是三十分钟，单位是毫秒
        sessionManager.setGlobalSessionTimeout(60 * 60 * 1000);
        //扫描session线程，清理超时回话
        sessionManager.setSessionValidationSchedulerEnabled(true);
        //禁用URL重写
        sessionManager.setSessionIdUrlRewritingEnabled(false);
        return sessionManager;
    }

    @Bean
    SecurityManager securityManager(/**/ UserRealm userRealm, SessionManager sessionManager) {

        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(userRealm);
        securityManager.setSessionManager(sessionManager);
        return securityManager;
    }

    /*配置过滤器
    * 页面登录不成功，页面跳转都是过滤器来配置的
    * */
    @Bean
    public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager){
        ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
        shiroFilter.setSecurityManager(securityManager);
        /*设置默认系统的登录页*/
        shiroFilter.setLoginUrl("/login.html");
        /*认证成功跳转到主页*/
        shiroFilter.setSuccessUrl("/index.html");
        /*未授权时的跳转链接*/
        shiroFilter.setUnauthorizedUrl("/");

        Map<String, String> filterMap= new LinkedHashMap<>();
        filterMap.put("/public/**","anon");//什么都不做，直接放行
        filterMap.put("login.html","anon");
        filterMap.put("/sys/login","anon");
        filterMap.put("/captcha.jpg","anon");
        //除了上面的路径不被拦截，其他所有的路径都会被拦住/
        // *
        // 该过滤器下面的页面必须验证后才能访问
        // 他实际上是shiro内置的一个拦截器
        filterMap.put("/**","authc");
        shiroFilter.setFilterChainDefinitionMap(filterMap);

        return shiroFilter;
    }
    @Bean
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor(){
        return new LifecycleBeanPostProcessor();
    }

    @Bean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator(){
        DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator();
        proxyCreator.setProxyTargetClass(true);
        return proxyCreator;

    }

    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager){
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager);
        return advisor;
    }
}
